module.exports = (options) => {
    const jwt = require('jsonwebtoken')
    const assert = require('http-assert')
    const AdminUser = require('../../model/AdminUser')

    return (req, res, next) => {
        const token = req.headers.authorization
            // 抛出异常
        assert(token, 401, '请提供jwt token')
        const { id } = jwt.verify(token, req.app.get('secret'))
            // 抛出异常
        assert(id, 401, '无效的jwt tkoen')
        req.user = AdminUser.findById(id) //挂到req上的话，全局都能用
            // 抛出异常
        assert(req.user, 401, '请先登录')
        next()
    }
}